Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0708

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-0708
Last Modified 24 Mar 2014 06:48:13
Published 20 Mar 2014 09:04:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-0708

Summary

WebEx Meeting Center in Cisco WebEx Business Suite does not properly compose URLs for HTTP GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) a browser's history, aka Bug ID CSCul98272.

Vulnerable Systems

Application

  • Cisco Webex Meeting Center


References

CISCO - 20140318 Cisco WebEx Business Suite HTTP GET Parameters Include Sensitive Information


Last Updated: 27 May 2016 11:04:44